You can create easily Access control list based on the IP address/Host name using Tomcat Valves. A Valve element represents a component that will be inserted into the request processing pipeline for the associated Catalina container.

The Remote Address Filter allows you to compare the IP address of the client that submitted this request against one or more regular expressions, and either allow the request to continue or refuse to process the request from this client.
For example, to block all requests coming in except those from the local host:

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="" />

The Remote Host filter is much like the Remote Address Valve, except it allows you to compare the remote host address of the client that submitted this request instead of the fixed IP address. A Remote Host filter can be associated with a Tomcat Engine , Host, or Context container. An example entry using the org.apache.catalina.valves.RemoteHostValve can be found in the following code snippet.

 <Valve className="org.apache.catalina.valves.RemoteHostValve" deny="badhost*"/>

This valve entry denies access to the assigned container for the host whose name starts with badhost. If I assign this valve entry to the host container localhost, then all clients beginning with badhost will see a 403 - Forbidden page.


Related articles available on

How do I reload dynamically my jsp from an ear ?

  Deploy your Jsp as part of an application deployed in exploded

Where is my compiled JSP ?

JBoss recipe of the day

How do you configure WildFly / JBoss to enable HTTP logging ?

WildFly users WildFly uses Undertow as Web server, which has dep

JBoss Struts tutorial

This article explains how you can setup quickly an application ba

How do you configure a Web Application as Default Web app ?

WildFly users For WildFly users you have to include in jboss-web

Developing Portlets with JBoss Portal

JBoss Portal is an open source platform for hosting and serving a